cobmo
asked on
Exchange 2010 expried certificate
I have an expired certificate on the Exchange server. It overlapped with a more recent certificate I bought and added more servers to. So I currently have a valid certificate for Exchange. I need to delete the old one obviously. When I delete it, will it impact any of my users that may be using it? or do they automatically transfer to the new certificate? Do they get a certificate prompt?
I guess I just want to know if deleting the expired cert will affect any users.
I guess I just want to know if deleting the expired cert will affect any users.
ASKER
I do not have a CAS server. Can I do it from the gui?
I do not have a CAS server. Can I do it from the gui?
I am sure you do have an Exchange server that does have the CAS role. Do you have a single Exchange server? If you do then that server is likely holding all of the roles. In that case you will need to run the commands that i have illustrated above.
Will.
ASKER
Also, the Exchange Certificates shows it as "The certificate is valid for Exchange server usage". The other one just says "Expired". When I log onto OWA, the certificate for me shows the newer certificate. I don't know why I think the expired cert would still be used by a user.....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
There is an Exchange self signed certificate that has expired and is self signed (true). Do I leave that one alone?
Self Signed Certs should not be removed. Only 3rd party SSL certs can be removed.
To renew a self-signed cert use New-ExchangeCertificate cmdlet.
Other than that you should be fine.
Will.
To renew a self-signed cert use New-ExchangeCertificate cmdlet.
Other than that you should be fine.
Will.
- has the new certificate been installed on all of your CAS servers?
- if the above is true you still need to ENABLE the certificate and assign it services (use the below command)
Run this command on every CAS server that has the new certificate installed
Open in new window
Click Y to accept the changes. This new certificate will now become the default and will be used for all of your virtural directories OWA/EAS etc.
You can then remove the other 3rd party SSL cert using the below command...
Open in new window
Press Y to confirm the changes.
Will.